Salesforce

Authentication

Connecting to SFDC as a user

A good practice for connecting to Salesforce is creating a new user account, reserved just for making API calls to the organization's instance. Note that this means that any changes the API user will make will be logged under that API user in the instance (vs. the end user who is actually making the changes).

Thus, the first thing you should do is obtain credentials to such user account that was created by the org's admin.

Creating an app

The next thing that you should do in order to connect to the Salesforce API is create a new app. Here's how you do so:

  1. Login to the instance, go to Setup (gear icon in the top right), then search for "App Manager" in the search box on the left

  2. Click "New Connected App"

    1. You should fill out the 3 mandatory fields at the top

    2. You should check the "Enable OAuth Settings" checkbox

    3. For the "Callback URL" you can enter any URL since we will be manually exchanging the code for a token

    4. For "Selected OAuth Scopes" you should select both "Full access" and "Perform requests on your behalf anytime"

    5. You can leave everything else as it is

  3. Once the app is created you should note the Consumer Key and Consumer Secret

Authorizing a user

Once the app is created, we need to have the user authorize the app to access their data. To do that:

  1. Open the URL that will allow the user to authorize

    1. The URL will be constructed like https://[EITHER LOGIN OR TEST].salesforce.com/services/oauth2/authorize?response_type=code&client_id=[CONSUMER KEY FROM ABOVE]&redirect_uri=[CALLBACK URL FROM ABOVE]&scope=full%20refresh_token

    2. Use "login" prefix for authorizing a production instance and "test" prefix for authorizing a sandbox instance

    3. Paste in the consumer key

    4. Use the same callback URL as you added when creating the app

  2. Authorize the application

  3. You'll be redirected to the whatever callback URL you specified before and the URL will have a "code" parameter - you'll need the value from this parameter for the next step

Getting a refresh token

The next step is to use the code you've obtained above to get a Refresh Token, which you'll actually use to make API calls:

  1. Go to this Bubble Editor and copy the "Salesforce Authentication" API into your application

  2. Fill out all of the parameters in the "Retrieve Token" API call

    1. env will be "login" or "test" (same as above)

    2. code will be the code from above

    3. client id, client secret, and redirect URL will be from the app that you created

  3. Initialize the call

  4. There will be two pieces of data that are returned that you should note: refresh_token (used for authorizing api calls) and instance_url (used for knowing which url to use for making api calls)

Authorizing API Calls

Now you can authorize your API calls! To do so just choose "OAuth2 Custom Token" in the API Connector as the authentication and construct the Token endpoint as follows: https://[LOGIN OR TEST].salesforce.com/services/oauth2/token?grant_type=refresh_token&client_secret=[CLIENT SECRET]&client_id=[CLIENT ID]&redirect_uri=[REDIRECT URL]&refresh_token=[REFRESH TOKEN FROM ABOVE]

Using the Salesforce REST API

There are generally two types of API calls that we use (examples here):

  • Calls for creating/reading/updating/deleting a single object

    • These can look something like like [base_url]/services/data/v32.0/sobjects/Contact/1234567

    • The base url is the same as the instance URL shown above

  • Calls for retrieving a list of objects using either simple or complex search criteria

    • These can look something like [base_url]/services/data/v32.0/query/?q=SELECT Id FROM Contact WHERE FirstName = 'Test test'

    • These use SOQL, a query language that's used by Salesforce and very similar to SQL

Finding out object and field IDs

To make the above API calls you'll need to know the API ids of both objects and fields. Here's how you can find out what they are:

  1. Log into Salesforce

  2. Click the little gear icon on the top right of the page then click Setup

  3. Find "object manager" in the search box on the top left

  4. Find the object that you need - its API name is displayed next to it

  5. Click on the object, then on Fields & Relationships to see the list of fields for that object with their API names